output to other formats too.
doc/Makefile.in
doc/TROUBLESHOOTING
doc/UPGRADE
+doc/cvtsudoers.cat
+doc/cvtsudoers.man.in
+doc/cvtsudoers.mdoc.in
doc/fixman.sh
doc/fixmdoc.sh
doc/schema.ActiveDirectory
plugins/sudoers/bsm_audit.h
plugins/sudoers/check.c
plugins/sudoers/check.h
+plugins/sudoers/cvtsudoers.c
+plugins/sudoers/cvtsudoers_json.c
plugins/sudoers/def_data.c
plugins/sudoers/def_data.h
plugins/sudoers/def_data.in
plugins/sudoers/tsgetgrpw.c
plugins/sudoers/tsgetgrpw.h
plugins/sudoers/visudo.c
-plugins/sudoers/visudo_json.c
plugins/system_group/Makefile.in
plugins/system_group/system_group.c
plugins/system_group/system_group.exp
#
-# Copyright (c) 2010-2015, 2017 Todd C. Miller <Todd.Miller@sudo.ws>
+# Copyright (c) 2010-2015, 2017-2018 Todd C. Miller <Todd.Miller@sudo.ws>
#
# Permission to use, copy, modify, and distribute this software for any
# purpose with or without fee is hereby granted, provided that the above
$(mansrcdir)/sudo.conf.$(mantype) $(mansrcdir)/sudoers.$(mantype) \
$(mansrcdir)/sudoers.ldap.$(mantype) $(mansrcdir)/sudoers.$(mantype) \
$(mansrcdir)/sudoers_timestamp.$(mantype) \
- $(mansrcdir)/sudoreplay.$(mantype) $(mansrcdir)/sudo_plugin.$(mantype)
+ $(mansrcdir)/cvtsudoers.$(mantype) $(mansrcdir)/sudoreplay.$(mantype) \
+ $(mansrcdir)/sudo_plugin.$(mantype)
DEVDOCS = $(srcdir)/sudo.man.in $(srcdir)/sudo.cat \
$(srcdir)/visudo.man.in $(srcdir)/visudo.cat \
$(srcdir)/sudoers.ldap.man.in $(srcdir)/sudoers.ldap.cat \
$(srcdir)/sudoers.man.in $(srcdir)/sudoers.cat \
$(srcdir)/sudoers_timestamp.man.in $(srcdir)/sudoers_timestamp.cat \
+ $(srcdir)/cvtsudoers.man.in $(srcdir)/cvtsudoers.cat \
$(srcdir)/sudoreplay.man.in $(srcdir)/sudoreplay.cat \
$(srcdir)/sudo_plugin.man.in $(srcdir)/sudo_plugin.cat
$(SED) -f varsub $(srcdir)/sudoers_timestamp.mdoc.in | $(MANDOC) -Tascii -mdoc | $(SED) -e 's/ OpenBSD \([^ ].* \)/ \1 /' -e 's/(5)/(4)/g' -e 's/(8)/(1m)/g' > $@; \
fi
+$(srcdir)/cvtsudoers.man.in: $(srcdir)/cvtsudoers.mdoc.in
+ @if [ -n "$(DEVEL)" ]; then \
+ echo "Generating $@"; \
+ mansectsu=`echo @MANSECTSU@|$(TR) A-Z a-z`; \
+ mansectform=`echo @MANSECTFORM@|$(TR) A-Z a-z`; \
+ printf '.\\" DO NOT EDIT THIS FILE, IT IS NOT THE MASTER!\n' > $@; \
+ printf '.\\" IT IS GENERATED AUTOMATICALLY FROM cvtsudoers.mdoc.in\n' >> $@; \
+ $(SED) -n -e '/^.Dd/q' -e '/^\.\\/p' $(srcdir)/cvtsudoers.mdoc.in >> $@; \
+ $(SED) -e "s/$$mansectsu/8/g" -e "s/$$mansectform/5/g" $(srcdir)/cvtsudoers.mdoc.in | $(MANDOC) -Tman | $(SED) -e 's/^\(\.TH "SUDOREPLAY" \)"8"\(.*"\)OpenBSD \(.*\)/\1"'$$mansectsu'"\2\3/' -e "s/(5)/($$mansectform)/g" -e "s/(8)/($$mansectsu)/g" >> $@; \
+ fi
+
+$(mansrcdir)/cvtsudoers.man: $(top_builddir)/config.status $(srcdir)/cvtsudoers.man.in
+ cd $(top_builddir) && $(SHELL) config.status --file=doc/$@
+
+$(mansrcdir)/cvtsudoers.mdoc: $(top_builddir)/config.status $(srcdir)/cvtsudoers.mdoc.in
+ cd $(top_builddir) && $(SHELL) config.status --file=doc/$@
+
+$(srcdir)/cvtsudoers.cat: varsub $(srcdir)/cvtsudoers.mdoc.in
+ @if [ -n "$(DEVEL)" ]; then \
+ echo "Generating $@"; \
+ $(SED) -f varsub $(srcdir)/cvtsudoers.mdoc.in | $(MANDOC) -Tascii -mdoc | $(SED) -e 's/ OpenBSD \([^ ].* \)/ \1 /' -e 's/(5)/(4)/g' -e 's/(8)/(1m)/g' > $@; \
+ fi
+
$(srcdir)/sudoreplay.man.in: $(srcdir)/sudoreplay.mdoc.in
@if [ -n "$(DEVEL)" ]; then \
echo "Generating $@"; \
--- /dev/null
+CVTSUDOERS(1m) System Manager's Manual CVTSUDOERS(1m)
+
+N\bNA\bAM\bME\bE
+ c\bcv\bvt\bts\bsu\bud\bdo\boe\ber\brs\bs - convert between sudoers file formats
+
+S\bSY\bYN\bNO\bOP\bPS\bSI\bIS\bS
+ c\bcv\bvt\bts\bsu\bud\bdo\boe\ber\brs\bs [-\b-h\bhV\bV] [-\b-f\bf _\bf_\bo_\br_\bm_\ba_\bt] [-\b-o\bo _\bo_\bu_\bt_\bp_\bu_\bt_\b__\bf_\bi_\bl_\be] [_\bs_\bu_\bd_\bo_\be_\br_\bs_\b__\bf_\bi_\bl_\be]
+
+D\bDE\bES\bSC\bCR\bRI\bIP\bPT\bTI\bIO\bON\bN
+ c\bcv\bvt\bts\bsu\bud\bdo\boe\ber\brs\bs can be used to convert a policy file in _\bs_\bu_\bd_\bo_\be_\br_\bs format to
+ other formats. The default output format is JSON.
+
+ If no _\bs_\bu_\bd_\bo_\be_\br_\bs_\b__\bf_\bi_\bl_\be is specified, or if it is `-', the policy is read from
+ the standard input. By default, the result is written to the standard
+ output.
+
+ The options are as follows:
+
+ -\b-f\bf, -\b--\b-f\bfo\bor\brm\bma\bat\bt
+ Specify the output format. Currently, JSON is the only
+ supported output format. The JSON format is intended to be
+ easier for third-party applications to parse than the
+ traditional _\bs_\bu_\bd_\bo_\be_\br_\bs format. The various values have explicit
+ types which removes much of the ambiguity of the _\bs_\bu_\bd_\bo_\be_\br_\bs
+ format.
+
+ -\b-h\bh, -\b--\b-h\bhe\bel\blp\bp Display a short help message to the standard output and exit.
+
+ -\b-o\bo _\bo_\bu_\bt_\bp_\bu_\bt_\b__\bf_\bi_\bl_\be, -\b--\b-o\bou\but\btp\bpu\but\bt=_\bo_\bu_\bt_\bp_\bu_\bt_\b__\bf_\bi_\bl_\be
+ Write the converted output to _\bo_\bu_\bt_\bp_\bu_\bt_\b__\bf_\bi_\bl_\be. If no _\bo_\bu_\bt_\bp_\bu_\bt_\b__\bf_\bi_\bl_\be
+ is specified, or if it is `-', the converted _\bs_\bu_\bd_\bo_\be_\br_\bs policy
+ will be written to the standard output.
+
+ -\b-V\bV, -\b--\b-v\bve\ber\brs\bsi\bio\bon\bn
+ Print the c\bcv\bvt\bts\bsu\bud\bdo\boe\ber\brs\bs and _\bs_\bu_\bd_\bo_\be_\br_\bs grammar versions and exit.
+
+S\bSE\bEE\bE A\bAL\bLS\bSO\bO
+ sudoers(4), sudo(1m)
+
+A\bAU\bUT\bTH\bHO\bOR\bRS\bS
+ Many people have worked on s\bsu\bud\bdo\bo over the years; this version consists of
+ code written primarily by:
+
+ Todd C. Miller
+
+ See the CONTRIBUTORS file in the s\bsu\bud\bdo\bo distribution
+ (https://www.sudo.ws/contributors.html) for an exhaustive list of people
+ who have contributed to s\bsu\bud\bdo\bo.
+
+B\bBU\bUG\bGS\bS
+ If you feel you have found a bug in c\bcv\bvt\bts\bsu\bud\bdo\boe\ber\brs\bs, please submit a bug
+ report at https://bugzilla.sudo.ws/
+
+S\bSU\bUP\bPP\bPO\bOR\bRT\bT
+ Limited free support is available via the sudo-users mailing list, see
+ https://www.sudo.ws/mailman/listinfo/sudo-users to subscribe or search
+ the archives.
+
+D\bDI\bIS\bSC\bCL\bLA\bAI\bIM\bME\bER\bR
+ c\bcv\bvt\bts\bsu\bud\bdo\boe\ber\brs\bs is provided "AS IS" and any express or implied warranties,
+ including, but not limited to, the implied warranties of merchantability
+ and fitness for a particular purpose are disclaimed. See the LICENSE
+ file distributed with s\bsu\bud\bdo\bo or https://www.sudo.ws/license.html for
+ complete details.
+
+Sudo 1.8.22 January 25, 2018 Sudo 1.8.22
--- /dev/null
+.\" DO NOT EDIT THIS FILE, IT IS NOT THE MASTER!
+.\" IT IS GENERATED AUTOMATICALLY FROM cvtsudoers.mdoc.in
+.\"
+.\" Copyright (c) 2018 Todd C. Miller <Todd.Miller@sudo.ws>
+.\"
+.\" Permission to use, copy, modify, and distribute this software for any
+.\" purpose with or without fee is hereby granted, provided that the above
+.\" copyright notice and this permission notice appear in all copies.
+.\"
+.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+.\" ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+.\"
+.TH "CVTSUDOERS" "8" "January 25, 2018" "Sudo @PACKAGE_VERSION@" "System Manager's Manual"
+.nh
+.if n .ad l
+.SH "NAME"
+\fBcvtsudoers\fR
+\- convert between sudoers file formats
+.SH "SYNOPSIS"
+.HP 11n
+\fBcvtsudoers\fR
+[\fB\-hV\fR]
+[\fB\-f\fR\ \fIformat\fR]
+[\fB\-o\fR\ \fIoutput_file\fR]
+[\fIsudoers_file\fR]
+.SH "DESCRIPTION"
+\fBcvtsudoers\fR
+can be used to convert a policy file in
+\fIsudoers\fR
+format to other formats.
+The default output format is JSON.
+.PP
+If no
+\fIsudoers_file\fR
+is specified, or if it is
+\(oq-\(cq,
+the policy is read from the standard input.
+By default, the result is written to the standard output.
+.PP
+The options are as follows:
+.TP 12n
+\fB\-f\fR, \fB\--format\fR
+Specify the output format.
+Currently, JSON is the only supported output format.
+The JSON format is intended to be easier for third-party
+applications to parse than the traditional
+\fIsudoers\fR
+format.
+The various values have explicit types which removes much of the
+ambiguity of the
+\fIsudoers\fR
+format.
+.TP 12n
+\fB\-h\fR, \fB\--help\fR
+Display a short help message to the standard output and exit.
+.TP 12n
+\fB\-o\fR \fIoutput_file\fR, \fB\--output\fR=\fIoutput_file\fR
+Write the converted output to
+\fIoutput_file\fR.
+If no
+\fIoutput_file\fR
+is specified, or if it is
+\(oq-\(cq,
+the converted
+\fIsudoers\fR
+policy will be written to the standard output.
+.TP 12n
+\fB\-V\fR, \fB\--version\fR
+Print the
+\fBcvtsudoers\fR
+and
+\fIsudoers\fR
+grammar versions and exit.
+.SH "SEE ALSO"
+sudoers(@mansectform@),
+sudo(@mansectsu@)
+.SH "AUTHORS"
+Many people have worked on
+\fBsudo\fR
+over the years; this version consists of code written primarily by:
+.sp
+.RS 6n
+Todd C. Miller
+.RE
+.PP
+See the CONTRIBUTORS file in the
+\fBsudo\fR
+distribution (https://www.sudo.ws/contributors.html) for an
+exhaustive list of people who have contributed to
+\fBsudo\fR.
+.SH "BUGS"
+If you feel you have found a bug in
+\fBcvtsudoers\fR,
+please submit a bug report at https://bugzilla.sudo.ws/
+.SH "SUPPORT"
+Limited free support is available via the sudo-users mailing list,
+see https://www.sudo.ws/mailman/listinfo/sudo-users to subscribe or
+search the archives.
+.SH "DISCLAIMER"
+\fBcvtsudoers\fR
+is provided
+\(LqAS IS\(Rq
+and any express or implied warranties, including, but not limited
+to, the implied warranties of merchantability and fitness for a
+particular purpose are disclaimed.
+See the LICENSE file distributed with
+\fBsudo\fR
+or https://www.sudo.ws/license.html for complete details.
--- /dev/null
+.\"
+.\" Copyright (c) 2018 Todd C. Miller <Todd.Miller@sudo.ws>
+.\"
+.\" Permission to use, copy, modify, and distribute this software for any
+.\" purpose with or without fee is hereby granted, provided that the above
+.\" copyright notice and this permission notice appear in all copies.
+.\"
+.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+.\" ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+.\"
+.Dd January 25, 2018
+.Dt CVTSUDOERS @mansectsu@
+.Os Sudo @PACKAGE_VERSION@
+.Sh NAME
+.Nm cvtsudoers
+.Nd convert between sudoers file formats
+.Sh SYNOPSIS
+.Nm cvtsudoers
+.Op Fl hV
+.Op Fl f Ar format
+.Op Fl o Ar output_file
+.Op Ar sudoers_file
+.Sh DESCRIPTION
+.Nm
+can be used to convert a policy file in
+.Em sudoers
+format to other formats.
+The default output format is JSON.
+.Pp
+If no
+.Ar sudoers_file
+is specified, or if it is
+.Ql - ,
+the policy is read from the standard input.
+By default, the result is written to the standard output.
+.Pp
+The options are as follows:
+.Bl -tag -width Fl
+.It Fl f , -format
+Specify the output format.
+Currently, JSON is the only supported output format.
+The JSON format is intended to be easier for third-party
+applications to parse than the traditional
+.Em sudoers
+format.
+The various values have explicit types which removes much of the
+ambiguity of the
+.Em sudoers
+format.
+.It Fl h , -help
+Display a short help message to the standard output and exit.
+.It Fl o Ar output_file , Fl -output Ns = Ns Ar output_file
+Write the converted output to
+.Ar output_file .
+If no
+.Ar output_file
+is specified, or if it is
+.Ql - ,
+the converted
+.Em sudoers
+policy will be written to the standard output.
+.It Fl V , -version
+Print the
+.Nm
+and
+.Em sudoers
+grammar versions and exit.
+.El
+.El
+.Sh SEE ALSO
+.Xr sudoers @mansectform@ ,
+.Xr sudo @mansectsu@
+.Sh AUTHORS
+Many people have worked on
+.Nm sudo
+over the years; this version consists of code written primarily by:
+.Bd -ragged -offset indent
+.An Todd C. Miller
+.Ed
+.Pp
+See the CONTRIBUTORS file in the
+.Nm sudo
+distribution (https://www.sudo.ws/contributors.html) for an
+exhaustive list of people who have contributed to
+.Nm sudo .
+.Sh BUGS
+If you feel you have found a bug in
+.Nm ,
+please submit a bug report at https://bugzilla.sudo.ws/
+.Sh SUPPORT
+Limited free support is available via the sudo-users mailing list,
+see https://www.sudo.ws/mailman/listinfo/sudo-users to subscribe or
+search the archives.
+.Sh DISCLAIMER
+.Nm
+is provided
+.Dq AS IS
+and any express or implied warranties, including, but not limited
+to, the implied warranties of merchantability and fitness for a
+particular purpose are disclaimed.
+See the LICENSE file distributed with
+.Nm sudo
+or https://www.sudo.ws/license.html for complete details.
v\bvi\bis\bsu\bud\bdo\bo - edit the sudoers file
S\bSY\bYN\bNO\bOP\bPS\bSI\bIS\bS
- v\bvi\bis\bsu\bud\bdo\bo [-\b-c\bch\bhq\bqs\bsV\bV] [-\b-f\bf _\bs_\bu_\bd_\bo_\be_\br_\bs] [-\b-x\bx _\bo_\bu_\bt_\bp_\bu_\bt_\b__\bf_\bi_\bl_\be]
+ v\bvi\bis\bsu\bud\bdo\bo [-\b-c\bch\bhq\bqs\bsV\bV] [-\b-f\bf _\bs_\bu_\bd_\bo_\be_\br_\bs]
D\bDE\bES\bSC\bCR\bRI\bIP\bPT\bTI\bIO\bON\bN
v\bvi\bis\bsu\bud\bdo\bo edits the _\bs_\bu_\bd_\bo_\be_\br_\bs file in a safe fashion, analogous to vipw(1m).
-\b-V\bV, -\b--\b-v\bve\ber\brs\bsi\bio\bon\bn
Print the v\bvi\bis\bsu\bud\bdo\bo and _\bs_\bu_\bd_\bo_\be_\br_\bs grammar versions and exit.
- -\b-x\bx _\bo_\bu_\bt_\bp_\bu_\bt_\b__\bf_\bi_\bl_\be, -\b--\b-e\bex\bxp\bpo\bor\brt\bt=_\bo_\bu_\bt_\bp_\bu_\bt_\b__\bf_\bi_\bl_\be
- Export a _\bs_\bu_\bd_\bo_\be_\br_\bs in JSON format and write it to _\bo_\bu_\bt_\bp_\bu_\bt_\b__\bf_\bi_\bl_\be.
- If _\bo_\bu_\bt_\bp_\bu_\bt_\b__\bf_\bi_\bl_\be is `-', the exported _\bs_\bu_\bd_\bo_\be_\br_\bs policy will be
- written to the standard output. By default, _\b/_\be_\bt_\bc_\b/_\bs_\bu_\bd_\bo_\be_\br_\bs
- (and any files it includes) will be exported. The -\b-f\bf option
- can be used to specify a different _\bs_\bu_\bd_\bo_\be_\br_\bs file to export.
- The exported format is intended to be easier for third-party
- applications to parse than the traditional _\bs_\bu_\bd_\bo_\be_\br_\bs format.
- The various values have explicit types which removes much of
- the ambiguity of the _\bs_\bu_\bd_\bo_\be_\br_\bs format.
-
D\bDe\beb\bbu\bug\bgg\bgi\bin\bng\bg a\ban\bnd\bd s\bsu\bud\bdo\boe\ber\brs\bs p\bpl\blu\bug\bgi\bin\bn a\bar\brg\bgu\bum\bme\ben\bnt\bts\bs
v\bvi\bis\bsu\bud\bdo\bo versions 1.8.4 and higher support a flexible debugging framework
that is configured via Debug lines in the sudo.conf(4) file.
The _\bs_\bu_\bd_\bo_\be_\br_\bs file contains a Defaults setting not recognized by
v\bvi\bis\bsu\bud\bdo\bo.
- /etc/sudoers: input and output files must be different
- The -\b-x\bx flag was used and the specified _\bo_\bu_\bt_\bp_\bu_\bt_\b__\bf_\bi_\bl_\be has the same
- path name as the _\bs_\bu_\bd_\bo_\be_\br_\bs file to export.
-
S\bSE\bEE\bE A\bAL\bLS\bSO\bO
vi(1), sudo.conf(4), sudoers(4), sudo(1m), vipw(1m)
file distributed with s\bsu\bud\bdo\bo or https://www.sudo.ws/license.html for
complete details.
-Sudo 1.8.22 December 21, 2017 Sudo 1.8.22
+Sudo 1.8.22 January 26, 2018 Sudo 1.8.22
.\" DO NOT EDIT THIS FILE, IT IS NOT THE MASTER!
.\" IT IS GENERATED AUTOMATICALLY FROM visudo.mdoc.in
.\"
-.\" Copyright (c) 1996,1998-2005, 2007-2017
+.\" Copyright (c) 1996,1998-2005, 2007-2018
.\" Todd C. Miller <Todd.Miller@sudo.ws>
.\"
.\" Permission to use, copy, modify, and distribute this software for any
.\" Agency (DARPA) and Air Force Research Laboratory, Air Force
.\" Materiel Command, USAF, under agreement number F39502-99-1-0512.
.\"
-.TH "VISUDO" "8" "December 21, 2017" "Sudo @PACKAGE_VERSION@" "System Manager's Manual"
+.TH "VISUDO" "8" "January 26, 2018" "Sudo @PACKAGE_VERSION@" "System Manager's Manual"
.nh
.if n .ad l
.SH "NAME"
\fBvisudo\fR
[\fB\-chqsV\fR]
[\fB\-f\fR\ \fIsudoers\fR]
-[\fB\-x\fR\ \fIoutput_file\fR]
.SH "DESCRIPTION"
\fBvisudo\fR
edits the
and
\fIsudoers\fR
grammar versions and exit.
-.TP 12n
-\fB\-x\fR \fIoutput_file\fR, \fB\--export\fR=\fIoutput_file\fR
-Export a
-\fIsudoers\fR
-in JSON format and write it to
-\fIoutput_file\fR.
-If
-\fIoutput_file\fR
-is
-\(oq-\(cq,
-the exported
-\fIsudoers\fR
-policy will be written to the standard output.
-By default,
-\fI@sysconfdir@/sudoers\fR
-(and any files it includes) will be exported.
-The
-\fB\-f\fR
-option can be used to specify a different
-\fIsudoers\fR
-file to export.
-The exported format is intended to be easier for third-party
-applications to parse than the traditional
-\fIsudoers\fR
-format.
-The various values have explicit types which removes much of the
-ambiguity of the
-\fIsudoers\fR
-format.
.SS "Debugging and sudoers plugin arguments"
\fBvisudo\fR
versions 1.8.4 and higher support a flexible debugging framework
\fRDefaults\fR
setting not recognized by
\fBvisudo\fR.
-.TP 6n
-\fR@sysconfdir@/sudoers: input and output files must be different\fR
-The
-\fB\-x\fR
-flag was used and the specified
-\fIoutput_file\fR
-has the same path name as the
-\fIsudoers\fR
-file to export.
.SH "SEE ALSO"
vi(1),
sudo.conf(@mansectform@),
.\"
-.\" Copyright (c) 1996,1998-2005, 2007-2017
+.\" Copyright (c) 1996,1998-2005, 2007-2018
.\" Todd C. Miller <Todd.Miller@sudo.ws>
.\"
.\" Permission to use, copy, modify, and distribute this software for any
.\" Agency (DARPA) and Air Force Research Laboratory, Air Force
.\" Materiel Command, USAF, under agreement number F39502-99-1-0512.
.\"
-.Dd December 21, 2017
+.Dd January 26, 2018
.Dt VISUDO @mansectsu@
.Os Sudo @PACKAGE_VERSION@
.Sh NAME
.Nm visudo
.Op Fl chqsV
.Op Fl f Ar sudoers
-.Op Fl x Ar output_file
.Sh DESCRIPTION
.Nm
edits the
and
.Em sudoers
grammar versions and exit.
-.It Fl x Ar output_file , Fl -export Ns = Ns Ar output_file
-Export a
-.Em sudoers
-in JSON format and write it to
-.Ar output_file .
-If
-.Ar output_file
-is
-.Ql - ,
-the exported
-.Em sudoers
-policy will be written to the standard output.
-By default,
-.Pa @sysconfdir@/sudoers
-(and any files it includes) will be exported.
-The
-.Fl f
-option can be used to specify a different
-.Em sudoers
-file to export.
-The exported format is intended to be easier for third-party
-applications to parse than the traditional
-.Em sudoers
-format.
-The various values have explicit types which removes much of the
-ambiguity of the
-.Em sudoers
-format.
.El
.Ss Debugging and sudoers plugin arguments
.Nm
.Li Defaults
setting not recognized by
.Nm .
-.It Li @sysconfdir@/sudoers: input and output files must be different
-The
-.Fl x
-flag was used and the specified
-.Ar output_file
-has the same path name as the
-.Em sudoers
-file to export.
.El
.Sh SEE ALSO
.Xr vi 1 ,
SUDOERS_LIBS = @SUDOERS_LIBS@ @AFS_LIBS@ @GETGROUPS_LIB@ $(LIBS) $(NET_LIBS) @ZLIB@ @LIBMD@
REPLAY_LIBS = @REPLAY_LIBS@ @ZLIB@
VISUDO_LIBS = $(NET_LIBS) @LIBMD@
+CVTSUDOERS_LIBS = $(NET_LIBS) @LIBMD@
TESTSUDOERS_LIBS = $(NET_LIBS) @LIBMD@
# C preprocessor defines
# Directory in which to install the sudoers file
sudoersdir = $(sysconfdir)
-# Directory in which to install sudoreplay.
-replaydir = $(bindir)
-
-# Directory in which to install visudo
-visudodir = $(sbindir)
-
# User and group ids the installed files should be "owned" by
install_uid = 0
install_gid = 0
SHELL = @SHELL@
-PROGS = sudoers.la visudo sudoreplay testsudoers
+PROGS = sudoers.la visudo sudoreplay cvtsudoers testsudoers
TEST_PROGS = check_addr check_base64 check_digest check_env_pattern \
check_fill check_gentime check_hexchar check_iolog_path \
set_perms.lo starttime.lo sudo_nss.lo sudoers.lo \
timestamp.lo @SUDOERS_OBJS@
-VISUDO_OBJS = editor.o find_path.o goodpath.o locale.o sudo_printf.o visudo.o \
- visudo_json.o
+VISUDO_OBJS = editor.o find_path.o goodpath.o locale.o sudo_printf.o visudo.o
+
+CVTSUDOERS_OBJS = cvtsudoers.o cvtsudoers_json.o locale.o sudo_printf.o
REPLAY_OBJS = getdate.o sudoreplay.o
visudo: libparsesudoers.la $(VISUDO_OBJS) $(LT_LIBS)
$(LIBTOOL) $(LTFLAGS) --mode=link $(CC) -o $@ $(VISUDO_OBJS) $(LDFLAGS) $(ASAN_LDFLAGS) $(PIE_LDFLAGS) $(SSP_LDFLAGS) libparsesudoers.la $(LIBS) $(VISUDO_LIBS)
+cvtsudoers: libparsesudoers.la $(CVTSUDOERS_OBJS) $(LT_LIBS)
+ $(LIBTOOL) $(LTFLAGS) --mode=link $(CC) -o $@ $(CVTSUDOERS_OBJS) $(LDFLAGS) $(ASAN_LDFLAGS) $(PIE_LDFLAGS) $(SSP_LDFLAGS) libparsesudoers.la $(LIBS) $(CVTSUDOERS_LIBS)
+
sudoreplay: timestr.lo $(REPLAY_OBJS) $(LT_LIBS)
$(LIBTOOL) $(LTFLAGS) --mode=link $(CC) -o $@ $(REPLAY_OBJS) $(LDFLAGS) $(ASAN_LDFLAGS) $(PIE_LDFLAGS) $(SSP_LDFLAGS) timestr.lo $(LIBS) $(REPLAY_LIBS)
install-dirs:
$(SHELL) $(top_srcdir)/mkinstalldirs $(DESTDIR)$(plugindir) \
- $(DESTDIR)$(visudodir) $(DESTDIR)$(replaydir) \
+ $(DESTDIR)$(sbindir) $(DESTDIR)$(bindir) \
$(DESTDIR)$(sudoersdir) $(DESTDIR)$(docdir) \
`echo $(DESTDIR)$(rundir)|$(SED) 's,/[^/]*$$,,'` \
`echo $(DESTDIR)$(vardir)|$(SED) 's,/[^/]*$$,,'`
$(INSTALL) -d $(INSTALL_OWNER) -m 0711 $(DESTDIR)$(vardir)
$(INSTALL) -d $(INSTALL_OWNER) -m 0700 $(DESTDIR)$(vardir)/lectured
-install-binaries: visudo sudoreplay install-dirs
- INSTALL_BACKUP='$(INSTALL_BACKUP)' $(LIBTOOL) $(LTFLAGS) --mode=install $(INSTALL) $(INSTALL_OWNER) -m 0755 sudoreplay $(DESTDIR)$(replaydir)/sudoreplay
- INSTALL_BACKUP='$(INSTALL_BACKUP)' $(LIBTOOL) $(LTFLAGS) --mode=install $(INSTALL) $(INSTALL_OWNER) -m 0755 visudo $(DESTDIR)$(visudodir)/visudo
+install-binaries: cvtsudoers sudoreplay visudo install-dirs
+ INSTALL_BACKUP='$(INSTALL_BACKUP)' $(LIBTOOL) $(LTFLAGS) --mode=install $(INSTALL) $(INSTALL_OWNER) -m 0755 cvtsudoers $(DESTDIR)$(bindir)/cvtsudoers
+ INSTALL_BACKUP='$(INSTALL_BACKUP)' $(LIBTOOL) $(LTFLAGS) --mode=install $(INSTALL) $(INSTALL_OWNER) -m 0755 sudoreplay $(DESTDIR)$(bindir)/sudoreplay
+ INSTALL_BACKUP='$(INSTALL_BACKUP)' $(LIBTOOL) $(LTFLAGS) --mode=install $(INSTALL) $(INSTALL_OWNER) -m 0755 visudo $(DESTDIR)$(sbindir)/visudo
install-includes:
uninstall:
-$(LIBTOOL) $(LTFLAGS) --mode=uninstall rm -f $(DESTDIR)$(plugindir)/sudoers.la
- -rm -f $(DESTDIR)$(replaydir)/sudoreplay \
- $(DESTDIR)$(visudodir)/visudo
+ -rm -f $(DESTDIR)$(bindir)/cvtsudoers \
+ $(DESTDIR)$(bindir)/sudoreplay
+ $(DESTDIR)$(sbindir)/visudo
-test -z "$(INSTALL_BACKUP)" || \
- $(DESTDIR)$(replaydir)/sudoreplay$(INSTALL_BACKUP) \
- $(DESTDIR)$(visudodir)/visudo$(INSTALL_BACKUP) \
+ $(DESTDIR)$(bindir)/cvtsudoers$(INSTALL_BACKUP) \
+ $(DESTDIR)$(bindir)/sudoreplay$(INSTALL_BACKUP) \
+ $(DESTDIR)$(sbindir)/visudo$(INSTALL_BACKUP) \
$(DESTDIR)$(plugindir)/sudoers.so$(INSTALL_BACKUP)
-cmp $(DESTDIR)$(sudoersdir)/sudoers $(DESTDIR)$(sudoersdir)/sudoers.dist >/dev/null && \
rm -f $(DESTDIR)$(sudoersdir)/sudoers
diff $$toke $(srcdir)/$$toke.ok || true; \
fi; \
total=`expr $$total + 1`; \
- ./visudo -f $$t -x - >$$json 2>/dev/null || true; \
+ ./cvtsudoers -o $$json $$t 2>/dev/null || true; \
total=`expr $$total + 1`; \
if cmp $$json $(srcdir)/$$json.ok >/dev/null; then \
passed=`expr $$passed + 1`; \
$(incdir)/sudo_fatal.h $(incdir)/sudo_plugin.h \
$(incdir)/sudo_util.h $(top_builddir)/config.h
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/regress/logging/check_wrap.c
+cvtsudoers.o: $(srcdir)/cvtsudoers.c $(devdir)/def_data.h $(devdir)/gram.h \
+ $(incdir)/compat/getopt.h $(incdir)/compat/stdbool.h \
+ $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h \
+ $(incdir)/sudo_debug.h $(incdir)/sudo_fatal.h \
+ $(incdir)/sudo_gettext.h $(incdir)/sudo_plugin.h \
+ $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
+ $(srcdir)/defaults.h $(srcdir)/interfaces.h $(srcdir)/logging.h \
+ $(srcdir)/parse.h $(srcdir)/redblack.h $(srcdir)/sudo_nss.h \
+ $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
+ $(srcdir)/sudoers_version.h $(top_builddir)/config.h \
+ $(top_builddir)/pathnames.h
+ $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/cvtsudoers.c
+cvtsudoers_json.o: $(srcdir)/cvtsudoers_json.c $(devdir)/def_data.h \
+ $(devdir)/gram.h $(incdir)/compat/stdbool.h \
+ $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h \
+ $(incdir)/sudo_debug.h $(incdir)/sudo_fatal.h \
+ $(incdir)/sudo_gettext.h $(incdir)/sudo_plugin.h \
+ $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
+ $(srcdir)/defaults.h $(srcdir)/logging.h $(srcdir)/parse.h \
+ $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
+ $(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
+ $(top_builddir)/pathnames.h
+ $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/cvtsudoers_json.c
dce.lo: $(authdir)/dce.c $(devdir)/def_data.h $(incdir)/compat/stdbool.h \
$(incdir)/sudo_compat.h $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
$(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
$(srcdir)/sudoers_version.h $(top_builddir)/config.h \
$(top_builddir)/pathnames.h
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/visudo.c
-visudo_json.o: $(srcdir)/visudo_json.c $(devdir)/def_data.h $(devdir)/gram.h \
- $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
- $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
- $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
- $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
- $(incdir)/sudo_util.h $(srcdir)/defaults.h $(srcdir)/logging.h \
- $(srcdir)/parse.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
- $(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
- $(top_builddir)/pathnames.h
- $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/visudo_json.c
--- /dev/null
+/*
+ * Copyright (c) 2018 Todd C. Miller <Todd.Miller@sudo.ws>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/*
+ * Convert from sudoers format to other formats.
+ * Currently outputs to JSON
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+#include <unistd.h>
+#include <fcntl.h>
+#include <netinet/in.h>
+#include <arpa/inet.h>
+
+#include "sudoers.h"
+#include "interfaces.h"
+#include "parse.h"
+#include "redblack.h"
+#include "sudoers_version.h"
+#include "sudo_conf.h"
+#include <gram.h>
+
+#ifdef HAVE_GETOPT_LONG
+# include <getopt.h>
+# else
+# include "compat/getopt.h"
+#endif /* HAVE_GETOPT_LONG */
+
+extern bool export_sudoers(const char *, const char *);
+
+/*
+ * Globals
+ */
+struct sudo_user sudo_user;
+struct passwd *list_pw;
+static const char short_opts[] = "f:ho:V";
+static struct option long_opts[] = {
+ { "format", required_argument, NULL, 'f' },
+ { "help", no_argument, NULL, 'h' },
+#ifdef notyet
+ { "input-format", required_argument, NULL, 'i' },
+#endif
+ { "output", required_argument, NULL, 'o' },
+ { "version", no_argument, NULL, 'V' },
+ { NULL, no_argument, NULL, '\0' },
+};
+
+__dso_public int main(int argc, char *argv[]);
+static void get_hostname(void);
+static void help(void) __attribute__((__noreturn__));
+static void usage(int);
+
+int
+main(int argc, char *argv[])
+{
+ int ch, exitcode = EXIT_FAILURE;
+ const char *input_file = "-", *output_file = "-";
+ const char *output_format = "JSON";
+ debug_decl(main, SUDOERS_DEBUG_MAIN)
+
+#if defined(SUDO_DEVEL) && defined(__OpenBSD__)
+ {
+ extern char *malloc_options;
+ malloc_options = "S";
+ }
+#endif
+
+ initprogname(argc > 0 ? argv[0] : "cvtsudoers");
+ if (!sudoers_initlocale(setlocale(LC_ALL, ""), def_sudoers_locale))
+ sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+ sudo_warn_set_locale_func(sudoers_warn_setlocale);
+ bindtextdomain("sudoers", LOCALEDIR); /* XXX - should have visudo domain */
+ textdomain("sudoers");
+
+#if 0
+ /* Register fatal/fatalx callback. */
+ sudo_fatal_callback_register(cvtsudoers_cleanup);
+#endif
+
+ /* Read debug and plugin sections of sudo.conf. */
+ if (sudo_conf_read(NULL, SUDO_CONF_DEBUG|SUDO_CONF_PLUGINS) == -1)
+ goto done;
+
+ /* Initialize the debug subsystem. */
+ if (!sudoers_debug_register(getprogname(), sudo_conf_debug_files(getprogname())))
+ goto done;
+
+ /*
+ * Arg handling.
+ */
+ while ((ch = getopt_long(argc, argv, short_opts, long_opts, NULL)) != -1) {
+ switch (ch) {
+ case 'f':
+ if (strcasecmp(optarg, "json") != 0) {
+ sudo_warnx("unsupported output format %s", optarg);
+ usage(1);
+ }
+ output_format = optarg;
+ break;
+ case 'h':
+ help();
+ break;
+ case 'o':
+ output_file = optarg;
+ break;
+ case 'V':
+ (void) printf(_("%s version %s\n"), getprogname(),
+ PACKAGE_VERSION);
+ (void) printf(_("%s grammar version %d\n"), getprogname(),
+ SUDOERS_GRAMMAR_VERSION);
+ exitcode = EXIT_SUCCESS;
+ goto done;
+ default:
+ usage(1);
+ }
+ }
+ argc -= optind;
+ argv += optind;
+
+ /* Input file (defaults to stdin). */
+ if (argc > 0) {
+ /* XXX - allow multiple input files? */
+ if (argc > 1)
+ usage(1);
+ input_file = argv[0];
+ }
+
+ /* Mock up a fake sudo_user struct. */
+ /* XXX - common with visudo */
+ user_cmnd = user_base = "";
+ if (geteuid() == 0) {
+ const char *user = getenv("SUDO_USER");
+ if (user != NULL && *user != '\0')
+ sudo_user.pw = sudo_getpwnam(user);
+ }
+ if (sudo_user.pw == NULL) {
+ if ((sudo_user.pw = sudo_getpwuid(getuid())) == NULL)
+ sudo_fatalx(U_("you do not exist in the %s database"), "passwd");
+ }
+ get_hostname();
+
+ /* Setup defaults data structures. */
+ if (!init_defaults())
+ sudo_fatalx(U_("unable to initialize sudoers default values"));
+
+ exitcode = export_sudoers(input_file, output_file) ? EXIT_SUCCESS : EXIT_FAILURE;
+
+done:
+ sudo_debug_exit_int(__func__, __FILE__, __LINE__, sudo_debug_subsys, exitcode);
+ return exitcode;
+}
+
+FILE *
+open_sudoers(const char *sudoers, bool doedit, bool *keepopen)
+{
+ return fopen(sudoers, "r");
+}
+
+/* XXX - Common stubs belong in their own file */
+
+/* STUB */
+bool
+init_envtables(void)
+{
+ return true;
+}
+
+/* STUB */
+bool
+user_is_exempt(void)
+{
+ return false;
+}
+
+/* STUB */
+void
+sudo_setspent(void)
+{
+ return;
+}
+
+/* STUB */
+void
+sudo_endspent(void)
+{
+ return;
+}
+
+/* STUB */
+int
+group_plugin_query(const char *user, const char *group, const struct passwd *pw)
+{
+ return false;
+}
+
+/* STUB */
+struct interface_list *
+get_interfaces(void)
+{
+ static struct interface_list dummy = SLIST_HEAD_INITIALIZER(interfaces);
+ return &dummy;
+}
+
+/*
+ * Look up the hostname and set user_host and user_shost.
+ */
+static void
+get_hostname(void)
+{
+ char *p;
+ debug_decl(get_hostname, SUDOERS_DEBUG_UTIL)
+
+ if ((user_host = sudo_gethostname()) != NULL) {
+ if ((p = strchr(user_host, '.'))) {
+ *p = '\0';
+ if ((user_shost = strdup(user_host)) == NULL)
+ sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
+ *p = '.';
+ } else {
+ user_shost = user_host;
+ }
+ } else {
+ user_host = user_shost = "localhost";
+ }
+ user_runhost = user_host;
+ user_srunhost = user_shost;
+ debug_return;
+}
+
+static void
+usage(int fatal)
+{
+ (void) fprintf(fatal ? stderr : stdout,
+ "usage: %s [-hV] [-f format] [-o output_file] [sudoers_file]\n",
+ getprogname());
+ if (fatal)
+ exit(1);
+}
+
+static void
+help(void)
+{
+ (void) printf(_("%s - convert between sudoers file formats\n\n"), getprogname());
+ usage(0);
+ (void) puts(_("\nOptions:\n"
+ " -f, --format=JSON specify output format\n"
+ " -h, --help display help message and exit\n"
+ " -o, --output=output_file write sudoers in JSON format to output_file\n"
+ " -V, --version display version information and exit"));
+ exit(0);
+}
/*
- * Copyright (c) 2013-2016 Todd C. Miller <Todd.Miller@sudo.ws>
+ * Copyright (c) 2013-2018 Todd C. Miller <Todd.Miller@sudo.ws>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
/*
* Export the parsed sudoers file in JSON format.
- * XXX - ignores strict flag and doesn't pass through quiet flag
*/
bool
-export_sudoers(const char *sudoers_path, const char *export_path,
- bool quiet, bool strict)
+export_sudoers(const char *sudoers_path, const char *export_path)
{
bool ret = false, need_comma = false;
const int indent = 4;
if (strcmp(sudoers_path, "-") == 0) {
sudoersin = stdin;
sudoers_path = "stdin";
- } else if ((sudoersin = fopen(sudoers_path, "r")) == NULL) {
- if (!quiet)
- sudo_warn(U_("unable to open %s"), sudoers_path);
- goto done;
- }
+ } else if ((sudoersin = fopen(sudoers_path, "r")) == NULL)
+ sudo_fatal(U_("unable to open %s"), sudoers_path);
if (strcmp(export_path, "-") != 0) {
+ /* XXX - move check to front-end */
if (strcmp(sudoers_path, export_path) == 0) {
- if (!quiet) {
- sudo_warnx(U_("%s: input and output files must be different"),
- sudoers_path);
- }
- goto done;
- }
- if ((export_fp = fopen(export_path, "w")) == NULL) {
- if (!quiet)
- sudo_warn(U_("unable to open %s"), export_path);
- goto done;
+ sudo_fatalx(U_("%s: input and output files must be different"),
+ sudoers_path);
}
+ if ((export_fp = fopen(export_path, "w")) == NULL)
+ sudo_fatal(U_("unable to open %s"), export_path);
}
- init_parser(sudoers_path, quiet);
+ init_parser(sudoers_path, false);
if (sudoersparse() && !parse_error) {
- if (!quiet)
- sudo_warnx(U_("failed to parse %s file, unknown error"), sudoers_path);
+ sudo_warnx(U_("failed to parse %s file, unknown error"), sudoers_path);
parse_error = true;
rcstr_delref(errorfile);
if ((errorfile = rcstr_dup(sudoers_path)) == NULL)
ret = !parse_error;
if (parse_error) {
- if (!quiet) {
- if (errorlineno != -1)
- sudo_warnx(U_("parse error in %s near line %d\n"),
- errorfile, errorlineno);
- else if (errorfile != NULL)
- sudo_warnx(U_("parse error in %s\n"), errorfile);
- }
+ if (errorlineno != -1)
+ sudo_warnx(U_("parse error in %s near line %d\n"),
+ errorfile, errorlineno);
+ else if (errorfile != NULL)
+ sudo_warnx(U_("parse error in %s\n"), errorfile);
goto done;
}
static void usage(int);
static void visudo_cleanup(void);
-extern bool export_sudoers(const char *, const char *, bool, bool);
-
-extern void sudoerserror(const char *);
extern void sudoersrestart(FILE *);
/*
char *editor, **editor_argv;
int ch, oldlocale, editor_argc, exitcode = 0;
bool quiet, strict, oldperms;
- const char *export_path;
debug_decl(main, SUDOERS_DEBUG_MAIN)
#if defined(SUDO_DEVEL) && defined(__OpenBSD__)
* Arg handling.
*/
checkonly = oldperms = quiet = strict = false;
- export_path = NULL;
while ((ch = getopt_long(argc, argv, short_opts, long_opts, NULL)) != -1) {
switch (ch) {
case 'V':
quiet = true; /* quiet mode */
break;
case 'x':
- export_path = optarg; /* export mode */
- break;
+ /* XXX - make more concise */
+ sudo_warnx(U_("conversion of sudoers to JSON format has moved to the cvtsudoers utility"));
+ usage(1);
default:
usage(1);
}
exitcode = check_syntax(sudoers_file, quiet, strict, oldperms) ? 0 : 1;
goto done;
}
- if (export_path != NULL) {
- exitcode = export_sudoers(sudoers_file, export_path, quiet, strict) ? 0 : 1;
- goto done;
- }
/*
* Parse the existing sudoers file(s) to highlight any existing
usage(int fatal)
{
(void) fprintf(fatal ? stderr : stdout,
- "usage: %s [-chqsV] [-f sudoers] [-x output_file]\n", getprogname());
+ "usage: %s [-chqsV] [-f sudoers]\n", getprogname());
if (fatal)
exit(1);
}
" -h, --help display help message and exit\n"
" -q, --quiet less verbose (quiet) syntax error messages\n"
" -s, --strict strict syntax checking\n"
- " -V, --version display version information and exit\n"
- " -x, --export=output_file write sudoers in JSON format to output_file"));
+ " -V, --version display version information and exit\n"));
exit(0);
}
projects / sudo / commitdiff